tweak install-key-manager.sh & key-manager.py
authorAlain Spineux <alain@baculasystems.com>
Fri, 13 Jan 2023 16:39:51 +0000 (17:39 +0100)
committerEric Bollengier <eric@baculasystems.com>
Thu, 14 Sep 2023 11:57:00 +0000 (13:57 +0200)
- check for python gnupg module
- make key-manager work when no regex matches the volume name

bacula/scripts/install-key-manager.sh.in
bacula/scripts/key-manager.py.in

index cac8b6264623d9d8c535b7590e0640b24aa02b30..2c91a5c4113c380d210cb9110b210ed9bfa98a7e 100644 (file)
@@ -39,15 +39,23 @@ check_gnupg()
 
 #############################################################################
 #
-# check_gnupg
+# check
 #
 #############################################################################
-check_gnupg()
+check_python_gnupg()
 {
-   # Check if GnuPG is installed
-   GNUPGBIN=`which gpg`
-   if [ -z "$GNUPGBIN" ] ; then
-      echo "GnuPG is not found or not installed" >&2
+   # Check if the python3 API is installed for GnuPG
+   PYTHON3=`which python3`
+   if [ -z "$PYTHON3" ] ; then
+      echo "python3 is not found or not installed" >&2
+      exit 1
+   fi
+   OUT=`mktemp`
+   $PYTHON3 -c 'import gnupg;print("OK" if gnupg.GPG else "KO")' >$OUT 2>/dev/null
+   out=`cat $OUT`
+   if [ "$out" != "OK" ] ; then
+      echo "python3 gnupg module is not found" >&2
+      echo "try: pip3 install gnupg" >&2
       exit 1
    fi
 }
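Review bot: The `mktemp` file assigned to `OUT` is never removed and `$OUT` is expanded unquoted, so every run of check_python_gnupg leaves a file behind in the temp directory. Capturing the output directly avoids the file altogether: `out=$("$PYTHON3" -c 'import gnupg;print("OK" if gnupg.GPG else "KO")' 2>/dev/null)`. Separately, the hint `pip3 install gnupg` names a PyPI distribution that is a different project from `python-gnupg`, although both install a module called `gnupg`; which one key-manager.py is written against is not visible here, so the hint should name the distribution the script was tested with. The banner comment above the function now reads `# check` and should read `# check_python_gnupg`.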
@@ -60,14 +68,14 @@ check_gnupg()
 check()
 {
    check_gnupg
+   check_python_gnupg
 
    if [ -e $GNUPGHOME ] ; then
       echo "Directory \"$GNUPGHOME\" exists"
-      exit 0
    else
-      echo "Directory \"$GNUPGHOME\" don't exist"
-      exit 1
+      echo "Directory \"$GNUPGHOME\" doesn't exist"
    fi
+   exit 0
 }
 
 #############################################################################
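Review bot: `check` now ends with an unconditional `exit 0`, so a missing `$GNUPGHOME` is reported only as text and a caller that tests the exit status can no longer tell the two cases apart; if that is intended (for example because the directory is created by a later install step, which is not visible here), a comment such as `# a missing GNUPGHOME is not an error at this stage` above the `exit 0` would say so. The test on the context line is also unquoted and uses `-e`: with an empty `GNUPGHOME` it collapses to `[ -e ]`, which is true, and any non-directory file passes it. `if [ -d "$GNUPGHOME" ] ; then` covers both cases.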
index 2dc66a8712b0d406cfd3ebcb16e8b4d8b7121f25..898e9bd7579d67e0f2c463ad88bc1718084425bc 100644 (file)
@@ -230,8 +230,7 @@ def get_crypto_ctx_from_config(args, volume_name, master_keyid=None):
             None : for error
             MasterKey object : the master-key
     """
-    crypto_ctx=CryptoCtx()
-    crypto_ctx.cipher=args.cipher
+
     if args.config:
         try:
             config=configparser.ConfigParser()
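Review bot: With the early `crypto_ctx=CryptoCtx()` removed, the only assignment visible in this commit appears to sit inside the `if args.config:` block (next hunk), while `return crypto_ctx` is at function level; when no config file is given the return would raise UnboundLocalError unless a branch outside the shown lines binds the name. The removed lines gave that path a context carrying `args.cipher`. Keeping `crypto_ctx=CryptoCtx()` and `crypto_ctx.cipher=args.cipher` before the `if`, or adding an `else:` that builds the default context, restores it. The function body starts before and continues after this hunk.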
@@ -265,31 +264,35 @@ def get_crypto_ctx_from_config(args, volume_name, master_keyid=None):
                 if match:
                     the_section=section
                     break
-            if  not the_section:
-                logging.error("no master-key defined for volume \"%s\"", volume_name)
-                print("error: no master-key define for volume \"{}\"".format(volume_name))
-                return None
+            if not the_section:
+                logging.debug("no master-key defined for volume \"%s\"", volume_name)
+
         crypto_ctx=CryptoCtx()
-        crypto_ctx.master_key_id=the_section
-        try:
-            crypto_ctx.gnupghome=config.get(the_section, 'gnupghome')
-            if crypto_ctx.gnupghome.startswith('"') and crypto_ctx.gnupghome.endswith('"'):
-                crypto_ctx.gnupghome=crypto_ctx.gnupghome[1:-1]
-        except configparser.NoOptionError:
-            crypto_ctx.cipher=GNUPGHOME
-        try:
-            crypto_ctx.cipher=config.get(the_section, 'cipher')
-        except configparser.NoOptionError:
+        if the_section==None:
+            # no master key
+            crypto_ctx.master_key_id=None
             crypto_ctx.cipher=args.cipher
-        try:
-            crypto_ctx.stealth=config.getboolean(the_section, 'stealth')
-        except configparser.NoOptionError:
-            pass
-        try:
-            crypto_ctx.passphrase=config.get(the_section, 'passphrase')
-        except configparser.NoOptionError:
-            pass
-        logging.info("use masterkey %r and cipher \"%s\" for volume \"%s\"", crypto_ctx.master_key_id, crypto_ctx.cipher, volume_name)
+        else:
+            crypto_ctx.master_key_id=the_section
+            try:
+                crypto_ctx.gnupghome=config.get(the_section, 'gnupghome')
+                if crypto_ctx.gnupghome.startswith('"') and crypto_ctx.gnupghome.endswith('"'):
+                    crypto_ctx.gnupghome=crypto_ctx.gnupghome[1:-1]
+            except configparser.NoOptionError:
+                crypto_ctx.gnupghome=GNUPGHOME
+            try:
+                crypto_ctx.cipher=config.get(the_section, 'cipher')
+            except configparser.NoOptionError:
+                crypto_ctx.cipher=args.cipher
+            try:
+                crypto_ctx.stealth=config.getboolean(the_section, 'stealth')
+            except configparser.NoOptionError:
+                pass
+            try:
+                crypto_ctx.passphrase=config.get(the_section, 'passphrase')
+            except configparser.NoOptionError:
+                pass
+            logging.info("use masterkey %r and cipher \"%s\" for volume \"%s\"", crypto_ctx.master_key_id, crypto_ctx.cipher, volume_name)
 
     return crypto_ctx
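Review bot: The no-match case is now recorded only by `logging.debug(...)`, and the `logging.info("use masterkey ...")` line moved into the `else:` branch, so at the usual log level nothing records that a volume's context was built with `master_key_id=None`. What the caller does with such a context is outside this hunk, but if it means the volume key is not wrapped by a master key, that deserves `logging.warning("no master-key matches volume \"%s\"", volume_name)` so operators can spot an unintended regex miss. `if the_section==None:` should be `if the_section is None:`. The no-master-key branch also leaves `gnupghome` at whatever CryptoCtx defaults to, which is not visible here.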